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DETAILED ACTION 

1. This communication is in response to Application No. 10/525,950, filed 
2/28/2005, claims 1-21 have been examined. 



Arrangement of the Specification 

2. As provided in 37 CFR 1.77(b), the specification of a utility application should 
include the following sections in order. Each of the lettered items should appear in upper 
case, without underlining or bold type, as a section heading. If no text follows the section 
heading, the phrase "Not Applicable" should follow the section heading: 



(a) TITLE OF THE INVENTION. 

(b) CROSS-REFERENCE TO RELATED APPLICATIONS. 

(c) STATEMENT REGARDING FEDERALLY SPONSORED RESEARCH OR 

DEVELOPMENT. 

(d) THE NAMES OF THE PARTIES TO A JOINT RESEARCH AGREEMENT. 

(e) INCORPORATION-BY-REFERENCE OF MATERIAL SUBMITTED ON A 

COMPACT DISC. 

(f) BACKGROUND OF THE INVENTION. 

(1) Field of the Invention. 

(2) Description of Related Art including information disclosed under 37 
CFR 1.97 and 1.98. 

(g) BRIEF SUMMARY OF THE INVENTION. 

(h) BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE 

DRAWING(S). 

(i) DETAILED DESCRIPTION OF THE FNVENTION. 

(j) CLAIM OR CLAIMS (commencing on a separate sheet). 

(k) ABSTRACT OF THE DISCLOSURE (commencing on a separate sheet). 

(1) SEQUENCE LISTING (See MPEP § 2424 and 37 CFR 1.821-1.825. A 
"Sequence Listing" is required on paper if the application discloses a 
nucleotide or amino acid sequence as defined in 37 CFR 1.821(a) and if 
the required "Sequence Listing" is not submitted as an electronic 
document on compact disc). 



The specification should be broken down into sections. Correction is required. 
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Information Disclosure Statement 

3. The information disclosure statement filed on 3/28/2007 fails to comply with 37 
CFR 1.98(a)(2), which requires a legible copy of each cited foreign patent document; 
each non-patent literature publication or that portion which caused it to be listed; and all 
other information or that portion which caused it to be listed. 

In this case, a copy of the reference listed, namely, the Japanese Office 
action dated November 14, 2006 for patent application number 2004-53203 has 
not been received. As such, it has been placed in the application file, but the 
information referred to therein has not been considered. 

Claim Objections 

4. Claims 4-19 are objected to under 37 CFR 1 .75(c) as being in improper multiple 
dependent form. 

Specifically, in this case, claim 4, a multiple dependent claim, cannot depend on 
another multiple dependent claim, such as claim 3. Claims 5-19 are dependent on claim 
4 (see MPEP § 608.0 l(n)). Accordingly, the claims 4-19 have not been further treated on 
the merits. 

5. Claim 20 recites the limitation "said public key information storage means" in 
line. There is insufficient antecedent basis for this limitation in the claim. Appropriate 
correction is required. 
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Double Patenting 

6. The nonstatutory double patenting rejection is based on a judicially created 
doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the 
unjustified or improper timewise extension of the "right to exclude" granted by a patent 
and to prevent possible harassment by multiple assignees. A nonstatutory obviousness- 
type double patenting rejection is appropriate where the conflicting claims are not 
identical, but at least one examined application claim is not patentably distinct from the 
reference claim(s) because the examined application claim is either anticipated by, or 
would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 
1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 1 1 F.3d 1046, 29 USPQ2d 
2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re 
Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 
USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 
1969). 

A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 
1.321(d) may be used to overcome an actual or provisional rejection based on a 
nonstatutory double patenting ground provided the conflicting application or patent either 
is shown to be commonly owned with this application, or claims an invention made as a 
result of activities undertaken within the scope of a joint research agreement. 
Effective January 1, 1994, a registered attorney or agent of record may sign a 
terminal disclaimer. A terminal disclaimer signed by the assignee must fully comply with 
37 CFR 3.73(b). 
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7. Claims 1-3 are rejected under the judicially created doctrine of obviousness-type 
double patenting as being unpatentable over claims of (US 7,177,932). 

8. Claims 1-3 of instant application are an obvious variation of claims 1-3 of the 
U.S. patent 7,177,932. 

Although the conflicting claims are not identical, they are not patentably distinct 
from each other because: claim 1 of the application has substantially the same 
elements/limitations of claim 1 of the patent. The only differences in the patent claims 
compared to instant application claims are that firstly, the patent claim 1 recites the 
limitation: "a public port connected to the public network and having at least one public 
network address" whereas instant application, recites "a public port connected to the 
public network"; and secondly, the patent claim 1 recites the limitation: "the control unit 
uses public key information included in an incoming data message sent to the public port 
and the list of public key identifiers stored in the storage unit and respectively associated 
internal network addresses of internal devices to determine a destination internal network 
address of a destination internal device, the control unit directing incoming data to the 
destination internal device with the determined destination internal network address", 
whereas the limitation on instant application recites: "the control unit is adapted for 
identifying a destination of the incoming data, which are addressed to a public network 
address of the gateway, by determining an internal network address of the internal device 
based on public key information included in the incoming data and the list of public key 
identifiers and associated internal network addresses". As such both limitations, use 
public key information included in an incoming data message and the list of public key 
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identifiers stored in the storage unit and respectively associated internal network 
addresses of internal devices to determine a destination internal network address of a 
destination internal device, the difference is that in the patent the incoming data message 
"is sent to the public port" and in instant application the incoming data is "addressed to a 
public network address of the gateway" which is substantially the same. 

Furthermore, claims 2-3 of instant application are the same as claims 2-3 of the 

patent. 

Double Patenting 

9. A rejection based on double patenting of the "same invention" type finds its 
support in the language of 35 U.S. C. 101 which states that "whoever invents or discovers 
any new and useful process ... may obtain a patent therefor ..." (Emphasis added). Thus, 
the term "same invention," in this context, means an invention drawn to identical subject 
matter. See Miller v. Eagle Mfg. Co., 151 U.S. 186 (1894); In re Ockert, 245 F.2d 467, 
1 14 USPQ 330 (CCPA 1957); and In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 
1970). 

A statutory type (35 U.S.C. 101) double patenting rejection can be overcome by 
canceling or amending the conflicting claims so they are no longer coextensive in scope. 
The filing of a terminal disclaimer cannot overcome a double patenting rejection based 
upon 35 U.S.C. 101. 



10. Claim 21 is rejected under 35 U.S.C. 101 as claiming the same invention as that 
of claim 15 of prior U.S. Patent No. 7,177, 932. This is a double patenting rejection. 
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In this case, all the limitations in claim 21 of instant application are extant in 
claim 15 of the patent. 



Claim Rejections - 35 USC § 103 

1 1 . The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed 
or described as set forth in section 102 of this title, if the differences between the 
subject matter sought to be patented and the prior art are such that the subject 
matter as a whole would have been obvious at the time the invention was made to 
a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was 
made. 

12. Claims 1-3, and 21 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Nessett et al. (US 6,055,236) in view of Cathey et al. (US 7,075,926) in further view of 
Klemba et al. (US 7,305,459). 

13. Regarding claim 1, Nessett discloses a network system (10) as illustrated on 
Figure 1 comprising a gateway (e.g. router 26) for connecting a public network (external 
network) to an internal network (LAN) (see abstract), the gateway comprising: 

a control unit (26) for controlling (e.g. routing) transmission of incoming and/or 
outgoing data between a remote device in the public network (e.g. Internet 30) and at 
least one internal network device (e.g. network devices 14-24) on the internal network 
(e.g. LAN 12) (column 7, lines 25-33 and column 17, lines 1-11); 

a public port (e.g. well known port 80) connected to the public network (col 17 
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lines 38-42); and 

an internal port connected to the internal network (12) for connecting thereto 
(column 8, lines 55-column 9, line 7); 

a storage unit (LDAP) storing a list of public key identifiers (e.g. digital 
certificates) and respectively associated internal network addresses of internal devices 
(col 35 lines 12-32); 

although Nessett further teaches where data packet from the internal devices is 
addressed (e.g. destine) to the external network are address to (e.g. address 48) the public 
network address of the gateway (router 26) (see column 15, lines 63-column 16, line 2 
and table 3); 

Nessett does not explicitly disclose where the control unit identifies a 
destination of the incoming data, by determining an internal network address of the 
internal device based on public key information included in the incoming data and the list 
of public key identifiers and associated internal network addresses. 

Cathey teaches the control unit (controller 100) is adapted (e.g. with engine 408) 
for determining an internal network address of the internal device based on information 
(so called public key) included in the incoming data (col 12 lines 21-24), and the list of 
identifiers (so called public key) (col 12, lines 21-24); 

Nesset nor Cathey explicitly disclose where the incoming data which are 
addressed to a public network address of the gateway and associated internal network 
addresses. 
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Klemba teaches for identifying (i.e. entry service point) a destination of the 
incoming data are addressed to a public network address of the gateway by determining 
an internal network address of the internal device (col 6 lines 54-62, col 7 lines 2-7) and 
associated internal network addresses (col 7 line 42). 

It would have been obvious to one of ordinary skilled in the art at the time the 
invention was made given the teachings of Nessett and Cathey with further teachings of 
Klemba before them, to modify Nessett teachings to include where the control unit 
determines the destination of the data of the internal device based on the public keys used 
to determine the address for the internal device mentioned in Cathey and Klemba. One 
would be motivated to combine these teachings because the public key information stored 
in tables is used to match the address for the internal device in order for the incoming 
packets to be sent to the destination device. It is obvious to one in the art that the 
authentication purposes to this matter is to perform the security related operation using 
the list of public keys with the communication of the gateway or control unit to determine 
the destination IP address of the device to see if the key and address matches to continue 
processing the data being sent. 

14. Regarding claim 2, wherein the public key information in the incoming data 
includes the public key identifier (Cathey col 12, lines 21-24). 

15. Regarding claim 3, an encryption/decryption unit for decrypting the incoming 
data (Klemba, i.e. terminal service point decrypts packets [step 659], Fig B) and/or 
encrypting the outgoing data (Nessett, e.g. transport or tunnel, col 23 lines 52-64). 
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16. Regarding claim 2 1 , this claim comprises a method for 

transmitting the data between the remote device (e.g. computer) and the gateway 

of the internal device (i.e. router routes the data packets to/from computers, Nesset, col 7 
lines 26-30); 

forwarding the incoming data from the gateway to the internal device (Nesset col 
32, lines 60-62); 

storing a list of public key identifiers (so called public key) (Cathey col 12, lines 
21-24) and associated internal network addresses (Klemba col 7 line 42); and 

where incoming data is addressed to the gateway (Nessett: column 15, lines 63- 

column 16, line 2), identifying a destination of the incoming data, by determining an 

internal network address of the internal device based on public key information included 

in the incoming data (Cathey col 12, lines 21-24) and the stored list of public identifiers 

and associated internal network addresses. 

Claim Rejections - 35 USC §102 

17. The following is a quotation of the appropriate paragraphs of 35 U.S. C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under 
section 122(b), by another filed in the United States before the invention by the 
applicant for patent or (2) a patent granted on an application for patent by another 
filed in the United States before the invention by the applicant for patent, except 
that an international application filed under the treaty defined in section 351(a) 
shall have the effects for purposes of this subsection of an application filed in the 
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United States only if the international application designated the United States 
and was published under Article 21(2) of such treaty in the English language. 

18. Claim 20 is rejected under 35 U.S.C. 102(e) as being anticipated by Song et al. 
(2003/0065947). 

19. Regarding claim 20, Song teaches a public key server (16 of Fig. 1) comprising: 
storage means (e.g. database within registry server [24]) for storing information in 

regard to a public key [see paragraphs 0054, 0143]; 

public key request interface for receiving a request for public key information 
stored in said public key information storage means (i.e. said storage means) (step 578 of 
Fig. 20 and par 0054); and 

transmitting the requested information to a requesting device (14) in response 
thereto (step 122 of Fig. 6); 

where said storage means stores a public network address of a gateway as a 
destination address of data to be transmitted to a recipient (i.e. linking address of the 
registry server transmits data to personal device [14], see paragraph 0077), for gateways 
identifying the recipient by means of a public key identifier included in the transmitted 
data (registry servers can identify the personal devices by the public keys being stored in 
the database, 0054), and forwarding the data to the recipient (Figure 6); and 
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said public key request interface (interface interpreted as another registry server 
[164]) is adapted to transmit said stored public network gateway address to the requesting 
device (see paragraph 0136). 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Barak Nissan whose telephone number is (571) 270-3632. 
The examiner can normally be reached on Mon-Thurs 7:30 am-5:00 pm. If attempts to 
reach the examiner by telephone are unsuccessful, the examiner's supervisor, Beatriz 
Prieto can be reached on (571)-272-3902. The fax phone number for the organization 
where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO 
Customer Service Representative or access to the automated information system, call 
800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



B.N. 

Patent Examiner 



/Prieto, Beatriz/ 
Supervisory Patent Examiner, Art Unit 4117 



